vi.haenselblatt.com Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vi.haenselblatt.com/
Submission: On August 13 via api (August 13th 2024, 2:09:27 am UTC) from US — Scanned from NL

Summary HTTP 83 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 28 IPs in 9 countries across 34 domains to perform 83 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is vi.haenselblatt.com.
TLS certificate: Issued by WE1 on July 4th 2024. Valid for: 3 months.

This is the only time vi.haenselblatt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	2600:9000:275... 2600:9000:275b:3000:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:f7cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:e000:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:1a00:f:a31d:75c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	185.106.140.18 185.106.140.18	7979 (SERVERS-COM) (SERVERS-COM)
2	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2606:4700:10:... 2606:4700:10::6816:1ed1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3	212.77.99.29 212.77.99.29	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
2	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::6816:1fd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.42.201 172.67.42.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	145.40.97.77 145.40.97.77	54825 (PACKET) (PACKET)
83	28

14 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

vi.haenselblatt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ar.haenselblatt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:275b:3000:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f7cb (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

www.anltc.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:e000:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:1a00:f:a31d:75c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.optad360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1ed1 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl

ssp.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, CY)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1fd1 (United States)

ASN13335 (CLOUDFLARENET, US)

csync.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.42.201 (United States)

ASN13335 (CLOUDFLARENET, US)

sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.97.77 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: omni-am6-8rdni7

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	haenselblatt.com vi.haenselblatt.com ar.haenselblatt.com	345 KB
6	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 6787	4 KB
3	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 944 gum.criteo.com — Cisco Umbrella Rank: 553	451 B
3	wp.pl ssp.wp.pl — Cisco Umbrella Rank: 14937	193 B
3	smilewanted.com prebid.smilewanted.com — Cisco Umbrella Rank: 5898 csync.smilewanted.com — Cisco Umbrella Rank: 4588	371 B
3	anltc.cc www.anltc.cc	1 KB
3	gstatic.com fonts.gstatic.com	70 KB
3	optad360.io get.optad360.io — Cisco Umbrella Rank: 19827 cmp.optad360.io — Cisco Umbrella Rank: 52014	208 KB
2	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6957	363 B
2	adform.net adx.adform.net — Cisco Umbrella Rank: 5039 cm.adform.net Failed	1 KB
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 920
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1081
2	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 383
2	adxpremium.services rtb.adxpremium.services — Cisco Umbrella Rank: 13627
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280	180 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2503	71 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	8 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	194 KB
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1162 Failed 1x1.a-mo.net Failed
1	quantumdex.io useast.quantumdex.io Failed sync.quantumdex.io — Cisco Umbrella Rank: 9703
1	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
1	optad360.net cdn.optad360.net — Cisco Umbrella Rank: 53010	3 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	29 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1314	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	990 B
0	sitescout.com Failed pixel-sync.sitescout.com Failed
0	bidswitch.net Failed x.bidswitch.net Failed
0	rubiconproject.com Failed pixel.rubiconproject.com Failed
0	adsrvr.org Failed match.adsrvr.org Failed
0	criteo.net Failed static.criteo.net Failed
0	vidoomy.com Failed d.vidoomy.com Failed
0	smartadserver.com Failed prg.smartadserver.com Failed
0	4dex.io Failed script.4dex.io Failed
0	jsdelivr.net Failed cdn.jsdelivr.net Failed
83	34

	Domain	Requested by
8	ar.haenselblatt.com	vi.haenselblatt.com
6	mc.yandex.com	2 redirects vi.haenselblatt.com mc.yandex.ru
6	vi.haenselblatt.com	vi.haenselblatt.com unpkg.com
3	ssp.wp.pl	get.optad360.io
3	www.anltc.cc	vi.haenselblatt.com www.anltc.cc
3	fonts.gstatic.com	fonts.googleapis.com
2	bidder.criteo.com	get.optad360.io
2	prebid-eu.creativecdn.com	get.optad360.io
2	adx.adform.net	get.optad360.io
2	rtb.openx.net	get.optad360.io vi.haenselblatt.com
2	onetag-sys.com	get.optad360.io
2	prebid.smilewanted.com	get.optad360.io
2	ib.adnxs.com	get.optad360.io
2	rtb.adxpremium.services	get.optad360.io
2	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
2	mc.yandex.ru	1 redirects vi.haenselblatt.com
2	cdnjs.cloudflare.com	vi.haenselblatt.com
2	get.optad360.io	vi.haenselblatt.com get.optad360.io
2	pagead2.googlesyndication.com	vi.haenselblatt.com pagead2.googlesyndication.com
1	sync.quantumdex.io	get.optad360.io
1	csync.smilewanted.com	get.optad360.io
1	gum.criteo.com	get.optad360.io
1	prebid.a-mo.net	get.optad360.io
1	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
1	cdn.optad360.net	vi.haenselblatt.com
1	cmp.optad360.io	vi.haenselblatt.com
1	code.jquery.com	vi.haenselblatt.com
1	unpkg.com	vi.haenselblatt.com
1	fonts.googleapis.com	vi.haenselblatt.com
0	pixel-sync.sitescout.com Failed	vi.haenselblatt.com
0	cm.adform.net Failed	vi.haenselblatt.com
0	x.bidswitch.net Failed	vi.haenselblatt.com
0	pixel.rubiconproject.com Failed	vi.haenselblatt.com
0	match.adsrvr.org Failed	get.optad360.io
0	static.criteo.net Failed	get.optad360.io
0	1x1.a-mo.net Failed	vi.haenselblatt.com
0	d.vidoomy.com Failed	get.optad360.io
0	useast.quantumdex.io Failed	get.optad360.io
0	prg.smartadserver.com Failed	get.optad360.io
0	script.4dex.io Failed	get.optad360.io
0	cdn.jsdelivr.net Failed	get.optad360.io
83	41

This site contains links to these domains. Also see Links.

Domain
www.haenselblatt.com
es.haenselblatt.com
fr.haenselblatt.com
ar.haenselblatt.com
bg.haenselblatt.com
cs.haenselblatt.com
da.haenselblatt.com
el.haenselblatt.com
et.haenselblatt.com
fi.haenselblatt.com
he.haenselblatt.com
hi.haenselblatt.com
hr.haenselblatt.com
hu.haenselblatt.com
id.haenselblatt.com
it.haenselblatt.com
ja.haenselblatt.com
ko.haenselblatt.com
lt.haenselblatt.com
lv.haenselblatt.com
ms.haenselblatt.com
nl.haenselblatt.com
no.haenselblatt.com
pl.haenselblatt.com
pt.haenselblatt.com
ro.haenselblatt.com
ru.haenselblatt.com
sk.haenselblatt.com
sl.haenselblatt.com
sr.haenselblatt.com
sv.haenselblatt.com
th.haenselblatt.com
tr.haenselblatt.com
ua.haenselblatt.com

Subject Issuer	Validity	Valid
haenselblatt.com WE1	`2024-07-04` - `2024-10-02`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-09-17` - `2024-10-15`	a year	crt.sh
unpkg.com WE1	`2024-07-28` - `2024-10-26`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
anltc.cc WE1	`2024-07-05` - `2024-10-03`	3 months	crt.sh
*.optad360.net Amazon RSA 2048 M03	`2024-05-26` - `2025-06-25`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2024-07-30` - `2025-08-05`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
smilewanted.com WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.wp.pl RapidSSL TLS RSA CA G1	`2024-03-04` - `2025-03-14`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2024-04-05` - `2025-04-30`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
quantumdex.io WE1	`2024-07-30` - `2024-10-28`	3 months	crt.sh
*.a-mo.net R10	`2024-07-04` - `2024-10-02`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://vi.haenselblatt.com/
Frame ID: BE34BEF05B4306440825590E72D7206B
Requests: 77 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: E2D351D856E2E438CB060665F894CC8E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: C51EC3749BB9707C5963D4414EF0E5FF
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 52FEAD9B51AA26443DCDD2E317EE9877
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: F28784CE39FED2CFF26609169E56670E
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=43190899129473050000&sn=mc_adapter
Frame ID: 7980432E3CB17AEFC033EBA5A3CE89AC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Thông tin hữu ích và lời khuyên làm vườn. Blog làm vườn chuyên nghiệp! | Làm thế nào để trở thành một người làm vườn chuyên nghiệp. Thông tin hữu ích và lời khuyên cho việc chăm sóc cây. Bách khoa toà

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

83
Requests

72 %
HTTPS

41 %
IPv6

34
Domains

41
Subdomains

28
IPs

9
Countries

1116 kB
Transfer

4371 kB
Size

44
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://es.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://fr.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://ar.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://bg.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://cs.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://da.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://el.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://et.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://fi.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://he.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://hi.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://hr.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://hu.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://id.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://it.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://ja.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://ko.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://lt.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://lv.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://ms.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://nl.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://no.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://pl.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://pt.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://ro.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://ru.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://sk.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://sl.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://sr.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://sv.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://th.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://tr.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://ua.haenselblatt.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10459.GySzFO8Xoo9M3WVy4phjaCHChMI3TinxGPmExzpP78bUh9orPhEvS_SrVr3T8Pi0.mYwMMBwLXaPRulywbXwtCk9DWCA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10459.HXQo2LSy9N_TkgXW4nu-OHRVdvRyGqu8XVMTsrMWxpcoHFfvM84dfePVthetI1hg_w0bCBSEdXy1m-6FPoRPg7WRrMMgDiYr14VbhyUXqdXV4VnU-I55peNWjegIoIArUQL7jBhcwvmTppAVvaW68EMS8XL21FussNOR9ntd7FjOMMyZvECAu8rDqNhNB6zZDvht6HpmGZDHHUSmbd8oSfgUjeDG7kWmkn2cPreT-HY%2C.NmVmy0f5ruQJIu88bDdpLOHYqsc%2C

Request Chain 37

https://mc.yandex.com/watch/49787647?wmode=7&page-url=https%3A%2F%2Fvi.haenselblatt.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A656359305097%3Ahid%3A653284813%3Az%3A120%3Ai%3A20240813040854%3Aet%3A1723514934%3Ac%3A1%3Arn%3A187760620%3Arqn%3A1%3Au%3A1723514934302423301%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2213%3Awv%3A2%3Ads%3A301%2C367%2C44%2C3%2C1%2C0%2C%2C2879%2C1%2C%2C%2C%2C3596%3Aco%3A0%3Acpf%3A1%3Ans%3A1723514929710%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723514935%3At%3ATh%C3%B4ng%20tin%20h%E1%BB%AFu%20%C3%ADch%20v%C3%A0%20l%E1%BB%9Di%20khuy%C3%AAn%20l%C3%A0m%20v%C6%B0%E1%BB%9Dn.%20Blog%20l%C3%A0m%20v%C6%B0%E1%BB%9Dn%20chuy%C3%AAn%20nghi%E1%BB%87p!%20%7C%20L%C3%A0m%20th%E1%BA%BF%20n%C3%A0o%20%C4%91%E1%BB%83%20tr%E1%BB%9F%20th%C3%A0nh%20m%E1%BB%99t%20ng%C6%B0%E1%BB%9Di%20l%C3%A0m%20v%C6%B0%E1%BB%9Dn%20chuy%C3%AAn%20nghi%E1%BB%87p.%20Th%C3%B4ng%20tin%20h%E1%BB%AFu%20%C3%ADch%20v%C3%A0%20l%E1%BB%9Di%20khuy%C3%AAn%20cho%20vi%E1%BB%87c%20ch%C4%83m%20s%C3%B3c%20c%C3%A2y.%20B%C3%A1ch%20khoa%20to%C3%A0n%20th%C6%B0%20v%E1%BB%81%20l%C3%A0m%20v%C6%B0%E1%BB%9Dn.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037568)ti(1) HTTP 302
https://mc.yandex.com/watch/49787647/1?wmode=7&page-url=https%3A%2F%2Fvi.haenselblatt.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A656359305097%3Ahid%3A653284813%3Az%3A120%3Ai%3A20240813040854%3Aet%3A1723514934%3Ac%3A1%3Arn%3A187760620%3Arqn%3A1%3Au%3A1723514934302423301%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2213%3Awv%3A2%3Ads%3A301%2C367%2C44%2C3%2C1%2C0%2C%2C2879%2C1%2C%2C%2C%2C3596%3Aco%3A0%3Acpf%3A1%3Ans%3A1723514929710%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723514935%3At%3ATh%C3%B4ng%20tin%20h%E1%BB%AFu%20%C3%ADch%20v%C3%A0%20l%E1%BB%9Di%20khuy%C3%AAn%20l%C3%A0m%20v%C6%B0%E1%BB%9Dn.%20Blog%20l%C3%A0m%20v%C6%B0%E1%BB%9Dn%20chuy%C3%AAn%20nghi%E1%BB%87p%21%20%7C%20L%C3%A0m%20th%E1%BA%BF%20n%C3%A0o%20%C4%91%E1%BB%83%20tr%E1%BB%9F%20th%C3%A0nh%20m%E1%BB%99t%20ng%C6%B0%E1%BB%9Di%20l%C3%A0m%20v%C6%B0%E1%BB%9Dn%20chuy%C3%AAn%20nghi%E1%BB%87p.%20Th%C3%B4ng%20tin%20h%E1%BB%AFu%20%C3%ADch%20v%C3%A0%20l%E1%BB%9Di%20khuy%C3%AAn%20cho%20vi%E1%BB%87c%20ch%C4%83m%20s%C3%B3c%20c%C3%A2y.%20B%C3%A1ch%20khoa%20to%C3%A0n%20th%C6%B0%20v%E1%BB%81%20l%C3%A0m%20v%C6%B0%E1%BB%9Dn.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

83 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
vi.haenselblatt.com/ 15 KB
4 KB 713ms
44ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vi.haenselblatt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17c42a335857c3ff4863798c56416224f24f4ca283ee42b08ed33c77b80b53be

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8b2528dafbd39b5b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 13 Aug 2024 02:08:50 GMT
expires: Tue, 13 Aug 2024 02:18:50 GMT
last-modified: Wed, 11 Mar 2020 21:28:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BileuE6Tcb13t0prqVvtJadJGWsWfKDL%2BYLQ9HOtpLoeOfEJOKT9QYikIdy2BwIhuguUa7GOyA77VGl0G6TXKB%2Bb3eJpWXDON%2BvCJ5kviXqnFh7p9NzqQgy0jDwFTSmozRAFMvce"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 3 KB
990 B 764ms
72ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=cyrillic

Requested by

Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1076d5bb7f1896b00ca2e5fe084f70af57c528d2b01ef24d986e4a5941bc270a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 02:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 02:08:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Aug 2024 02:08:51 GMT

GET
H3 200 main.min.css
vi.haenselblatt.com/css/ 51 KB
7 KB 54ms
51ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vi.haenselblatt.com/css/main.min.css
Requested by: Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f09558ac9e3c60e1f166a9226e68804022e72b8683d50ce677c7046d7ddd2e74

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:50 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 21 Apr 2020 22:19:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5e9f716d-cc29"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KJFH%2FiAhxdLVtt%2FeU3Xwpq7QJ95l%2BkWZNKFZ2cwnQce4UGa%2F47CxXVkXlN0mV1kDXz2%2Bdi7US9N196to%2FCaP9aVHYG1lDkfQK4%2BxFRorUwXb430BeozJkVGLd3ctMJw0qQpy5wlT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 8b2528db6c599b5b-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
51 KB 783ms
78ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

ff5d6452110ae3d975d37313921da31a75bef87a81348e574f3ff9adfc73d412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52573
x-xss-protection: 0
server: cafe
etag: 3546401650608816089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 13 Aug 2024 02:08:52 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/c948c303-5698-4522-ab5f-4b31b2e48774/ 186 KB
43 KB 978ms
142ms Script
application/javascript 2600:9000:275b:3000:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/c948c303-5698-4522-ab5f-4b31b2e48774/plugin.min.js
Requested by: Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:3000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 749d584d553121457f53926f2d79727f2b5877d012bdf2c72f2ec6b8d2d6fad6

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:53 GMT
content-encoding: gzip
via: 1.1 4f2a14569b371893f3851a804b6ae8dc.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 12:42:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
etag: W/"96aec5da7f7909e6b4ab14f32ea32927"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-id: ll_x-_3tgjh1YA5IX_E3GkPCMtg-o_yXqTb14YmISjKPtsJV7-IgmA==

GET
H3 200 yellow-bumpy-squash-why-is-my-squash-bumpy.jpg
ar.haenselblatt.com/img/images/ 38 KB
39 KB 225ms
66ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/yellow-bumpy-squash-why-is-my-squash-bumpy.jpg
Requested by: Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ea8bf9e81ffe4f66ad9007a3e3725a0fe92a2b07c86976dd378b72e895a2d51

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:50 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:38:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f4c-9900"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2FLrjzaJomMvDgvLbYEEoqMZ45pPDFrPqlB27V%2BEEsWvTZ43C7Rlb7ITuqKu3DG0oLfOxeconOQpwBSqF7NROjjFXTbeZU1m8tnv4QTwSO9Y03b3a3BDGhqumNfX3kIZal%2Byan7R"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b2528dc6d2b9b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 39168
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 yellow-apple-trees-growing-apples-that-are-yellow.jpg
ar.haenselblatt.com/img/images/ 20 KB
21 KB 208ms
49ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/yellow-apple-trees-growing-apples-that-are-yellow.jpg
Requested by: Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5f8b116a35a9188b61cdbcfbe88a1deff870893153fc3a51e4bf4d30a142910

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:50 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:38:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f4c-50f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZjDHp%2BJKLF9PqujT1aEYhoYkk40mTHIVdGwm4peKLLkUzOTdaTIMIx7mnpznGOwREW%2FYKklkpYtLmn%2B4fxlT7BQF%2BrzYzvahWMpePBR0ebZ%2B0Rc4N1NZ5VrV%2BrY1iFrG5Y3v65Ps"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b2528dc6d2a9b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20721
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 yellow-african-violet-leaves-what-to-do-when-african-violet-leaves-are-yellow.jpg
ar.haenselblatt.com/img/images/ 27 KB
27 KB 124ms
123ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/yellow-african-violet-leaves-what-to-do-when-african-violet-leaves-are-yellow.jpg
Requested by: Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61f0289508a17350d0862e5e31e983e667fea5a543cc2b4fff411af39b5bd2b8

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:51 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:38:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f4c-6bac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pS4ZSpCfzi2JG2Ig02%2FAGi398c%2BHcNTY%2BygjMU%2BB2lucNjBKQksd4c%2BwwwsH4mDA8IN4VUPRRvY4bsStLVaJcyZCJY3cof7WMkspzwVcf3mLiCx%2F32%2F8DghBqGY4l0FKMKZnlKaz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b2528e0b8e19b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 27564
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 year-round-garden-planner-how-to-create-a-four-season-garden.jpg
ar.haenselblatt.com/img/images/ 72 KB
73 KB 125ms
123ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/year-round-garden-planner-how-to-create-a-four-season-garden.jpg
Requested by: Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d908ad4f70f9691114178bc7c114c938c3585d4b6e1c7942e493155777d41a53

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:51 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:38:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f4c-12100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=93d%2BZftU0SgGkcsyg%2FTLqgfaXQTVN4QHYTRipQa9H%2BDq0wgRFFZ7k8chYujMwK40kHN82LMzO3ypJe3jCbBAb2YBB3%2BAD5ztmK%2BYDNP3QVqLw5IDa6nZL%2BRd2fK%2FNf49uK0k3qsQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b2528e0b8e49b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 73984
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 yarrow-plant-uses-what-are-the-benefits-of-yarrow.jpg
ar.haenselblatt.com/img/images/ 50 KB
51 KB 96ms
77ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/yarrow-plant-uses-what-are-the-benefits-of-yarrow.jpg
Requested by: Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 524102a75e7ebfc4d8d22ea6c8442f1d394a19fdbe2a4b6fd5e044ddb7b92040

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:51 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:38:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f4c-c8bb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CtV8b5Ytuq3eAVSt788syfuHlMnCMgu%2FeEzNbxPcftxcRonWnA3TmAKLXR5eL09%2F%2FmNN7nc7NqpFsE8a%2BdtpxxDTcm4QApEK%2BrpNEdUGIXXtAMzDuWNF2WTa7csdUy4P6%2BhzDFct"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b2528e1ea6c9b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 51387
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 yarrow-control-tips-to-remove-yarrow.jpg
ar.haenselblatt.com/img/images/ 27 KB
28 KB 93ms
78ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/yarrow-control-tips-to-remove-yarrow.jpg
Requested by: Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32277052c9de04efef2337672e6b616c3ad0d477886c4f756744538570d2787a

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:51 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:38:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f4c-6dc5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cj1kEHS2bOizVcONVVshL9HitngksYFV6aNWpL58PRwCyvWJ3LITYbJwH934%2F0xLHCXg5FXskig60m%2B9x%2Fyl4HaFJtms2QwjVtFqJP1H%2FflgpcRenl9%2F%2BCgqZHS8Nl24WHFHDtsP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b2528e1ea779b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 28101
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 yarrow-care-growing-yarrow-herb-in-your-garden.jpg
ar.haenselblatt.com/img/images/ 30 KB
31 KB 115ms
99ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/yarrow-care-growing-yarrow-herb-in-your-garden.jpg
Requested by: Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3e3cb338c318cac580ff7a60eac8b956ee1712ebc312b78b833b8f59772e87c

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:51 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:38:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f4c-79b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AGIe2%2BJZ8i1fKhe840roAnYPzizB42mUP7oIy09ClYu7v0k%2FtJ2uA%2FKOe%2F4GrtQ14nhoxhbiArptK83rG7xCE33cKfxHfEBVH1qAdBe77kN%2Fv327uX2NR5BlshUDTY5VvJJgSAo%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b2528e1ea7b9b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 31154
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 yam-plant-info-tips-for-growing-chinese-yams.jpg
ar.haenselblatt.com/img/images/ 30 KB
31 KB 116ms
100ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/yam-plant-info-tips-for-growing-chinese-yams.jpg
Requested by: Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf2c5ed4a21da6cee1b1ad174828b34e924b34020d6d7b02df6020f703725c17

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:51 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:38:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f4c-7826"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ulzb4l9bIXFs62I%2BaWO%2F2GuY4wb60mLVsOVD9m32ZM%2ByKhHdhL3w6eoRicbzy9DRezaXqBgSB%2F933IK%2B5ueEt5tc406Czu3XJBbXeYo4Pc3Ixzvt%2BoSLIk%2F5oI8iYOz54ZEEG2KH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b2528e1ea7e9b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30758
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 flags.css
vi.haenselblatt.com/css/ 15 KB
3 KB 118ms
99ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vi.haenselblatt.com/css/flags.css
Requested by: Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c657f600ec9a19ba9d77dd63953305ee476031e318eef70256fc5bcc2076fb74

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:51 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 19 Mar 2012 17:29:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4f676d10-3b30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z7KW2akOGl2vaq2s%2BVtYkip%2FtdEy4FH8Mkh0Ay8Y3lAKCPFuUiZGkGrLjmSwHsu0xt2WCvcCOG7%2B3z3AnsoT4l2OayQB4xv1KuDchf0QlwCrSUpPo0o%2F%2F2rh1Lz5s8nPYzMK15a7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 8b2528e1ea709b5b-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 simple-jekyll-search.min.js Show response
unpkg.com/simple-jekyll-search@1.5.0/dest/ 5 KB
3 KB 883ms
45ms Script
application/javascript 2606:4700::6811:f7cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/simple-jekyll-search@1.5.0/dest/simple-jekyll-search.min.js

Requested by

Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c6e9c08f3bf317085ed03287d8dd8c46059731d47ab7cba9e05134296fc5cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:52 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 13166692
last-modified: Mon, 11 Sep 2017 18:45:17 GMT
fly-request-id: 01HRWB61GBX9BT3639R43XP1CE-fra
server: cloudflare
etag: "1538-cMUO/uEsfQz3JaG2l2WBFsFIobY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2528e6ee1d3684-FRA

GET
H2 200 jquery-2.1.4.min.js Show response
code.jquery.com/ 82 KB
29 KB 882ms
44ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.1.4.min.js
Requested by: Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2405109
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 29519
x-served-by: cache-lga21971-LGA, cache-mad22076-MAD
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1723514932.320193,VS0,VE0
etag: W/"28feccc0-14979"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 137, 6656

GET
H3 200 jquery.unveil2.min.js Show response
vi.haenselblatt.com/js/ 3 KB
2 KB 95ms
77ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vi.haenselblatt.com/js/jquery.unveil2.min.js
Requested by: Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec5c31174ce479e50cb8d2dd6ad045ea74a952935dd30a8021e5daf27c1b172f

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:51 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 29 Jan 2024 22:24:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b82593-d3c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QicYJZv6D5ee08o63wOviqyHF1mmze%2FcSHXtcZnp%2BiFC1hVHL%2FOg9jJ7yE7oj0L%2Fx1slhqyAXs4dim%2BIilaoG36Fc3uw%2BK2FGiMdrVg0HfVtsJ1k2JBSa%2BkEzkVi4y4YzYeXz7In"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 8b2528e1ea749b5b-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 4 KB
2 KB 569ms
158ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css

Requested by

Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 377902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 975
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-fe0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s9s73gmskJ%2Ft1puZp2Phdx%2B7QDNIdBYjuoEcpcTvS49WB42kVt%2BE4Lg0Wm%2FqSfKwY4eaP3bhpBtMBpXJi3%2B6IPKPoUpei0W%2ByMyT7qw%2FEMQ9tLcxJKxRRrkfSE7OZ7eoVrfzS6qo"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b2528e46dc68f3e-FRA
expires: Sun, 03 Aug 2025 02:08:51 GMT

GET
H3 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 20 KB
6 KB 569ms
159ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js

Requested by

Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 375254
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5978
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-5148"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qjiCbGbrCUwv7PsplaS%2F7tXaXsy08mv3Vi5XdKRgejvtZ436RGt7RN%2Fk4BzN29Iqf1%2BPzmbncFLhne0yU5W3Q8MKL9DXw6wQzc1SW%2BAXf%2Bn9%2FiWw3BjVGU0M4etnWqBbfFL1m%2Bav"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b2528e46dc78f3e-FRA
expires: Sun, 03 Aug 2025 02:08:51 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
71 KB 976ms
101ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

dca271e5c10ab729dbf7e10ccb7c82ba4b87625a821dd4bd640279b6807f2033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Aug 2024 09:26:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66b1ec49-11660"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71264
expires: Tue, 13 Aug 2024 03:08:52 GMT

GET
H3 200 flags.png
vi.haenselblatt.com/css/ 29 KB
29 KB 215ms
171ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vi.haenselblatt.com/css/flags.png
Requested by: Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/css/flags.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 367191b7b8ee0aa9769e2a03371f6827f715c07b217ab202112e6ff59b852359

Request headers

Referer: https://vi.haenselblatt.com/css/flags.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:51 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Mar 2012 16:58:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4f6765ae-7226"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2B2Jpl4b5gXcZDPMxOk7R2XhuoATcR2yaKKNjBJ5JkSHUDTxS81nLihbqwtWKcpM6lTM4%2BE1HpJ7raz9xM8RdpAUEB6sexwbS4IpT2UlnwR2aGQkzR17ByLS0%2Bz5hEWbHM2YtaC6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b2528e39c669b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29222
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 881ms
48ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vi.haenselblatt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 06:52:22 GMT
x-content-type-options: nosniff
age: 501390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 06:52:22 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 9 KB
10 KB 870ms
46ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26a448d7f02e7b021d15ba5d546ce57d822e6c7728420eb089a23adf10ea26ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vi.haenselblatt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:00:40 GMT
x-content-type-options: nosniff
age: 7692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9512
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:58:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 00:00:40 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 27 KB
27 KB 870ms
47ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vi.haenselblatt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 21:09:38 GMT
x-content-type-options: nosniff
age: 449954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27812
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:37:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 21:09:38 GMT

GET
H3 200 search.json
vi.haenselblatt.com/ 2 MB
0 173ms
144ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vi.haenselblatt.com/search.json
Requested by: Host: unpkg.com
URL: https://unpkg.com/simple-jekyll-search@1.5.0/dest/simple-jekyll-search.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Mar 2020 21:28:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2ccb9e-5a09aeac8f700"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1DWCb3%2F7IvN5htN85Qqm5rpGTvyGEc6qPQGaiZ8IaWzPXnnkTmf2IGEh4koR9rr2mmRaoJMDgGAw1O2drpb0fKAktRTupHQB8Rfh36SVduvG%2BAVIulXQcQ7hzG97w48A29GGphY"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=5
cf-ray: 8b2528e7e85d9b5b-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 Aug 2024 02:08:57 GMT

GET
H3 200 script.js Show response
www.anltc.cc/js/ 819 B
920 B 187ms
88ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anltc.cc/js/script.js
Requested by: Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/js/jquery.unveil2.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbe873ab99c1f241015fb10782da87e1c26ff337721a3f796874168430ee8f18

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Jan 2024 21:30:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 159
etag: W/"333-60eb2427e26c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YMGdqVC4Gx2tENAlsS9yk8IQnuiXduG1EoE0CkRyFeaaJurZU6gAUOHz4L85mxfPFfRB558oDq9G%2BcxXBTt2sO%2BRMsoT7yRWaDH4gE7rGxmrJ%2BNjxTPj0G3hZKsxuXc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b2528eddb1b92c6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 5ac00c99-a9b2-47da-aa87-fd040ea5a192.min.js Show response
cmp.optad360.io/items/ 2 B
405 B 294ms
35ms Script
application/javascript 2600:9000:2156:e000:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/5ac00c99-a9b2-47da-aa87-fd040ea5a192.min.js
Requested by: Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/js/jquery.unveil2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e000:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 04:47:58 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
last-modified: Wed, 24 Apr 2024 11:39:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 595256
etag: "99914b932bd37a50b983c5e7c90ae93b"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2
x-amz-cf-id: G6iGoIJoXyRff33qHIdUA-QwUQckIQzY42nhGboC191hgzztx-BrCw==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

POST
H3 200 event Show response
www.anltc.cc/api/ 3 B
520 B 313ms
247ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anltc.cc/api/event
Requested by: Host: www.anltc.cc
URL: https://www.anltc.cc/js/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Tue, 13 Aug 2024 02:08:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.0.30
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-ratelimit-remaining: 59
vary: Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://vi.haenselblatt.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D0KeGt98xgi%2BbKL2yQxojGK1pAz%2BMuoVIdFyWM5KdWZLRudFRXkx8gkr%2FoTM4LOy%2BRRtl0gGMY0Sobvuk%2Bp3FOPyY%2F4Y0MpNQpVYoHVtrhHb94IV%2Bry8MYyZLG%2F6gMg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 60
cf-ray: 8b2528f03b2f39ca-FRA

OPTIONS
H3 204 event
www.anltc.cc/api/ Frame 0
0 242ms
198ms Preflight
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anltc.cc/api/event
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vi.haenselblatt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://vi.haenselblatt.com
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8b2528eeca6f39ca-FRA
content-type: text/html; charset=UTF-8
date: Tue, 13 Aug 2024 02:08:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sWiP6b1gzhYV5%2BFWZ%2FjA72PFWvVHL%2FzuYyvHHTs5pznZ2BEGiSPb786xM5vFm%2Byu%2F48ZK05C8MqG0KqZF8TmosddAJXp2ainzM3u7RjKtcQlx4SHYZ8redvLX9rEz4E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-powered-by: PHP/8.0.30

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408120101/ 423 KB
142 KB 115ms
90ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6284591903398394&plah=vi.haenselblatt.com&bust=31086072

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

75d748f8a4fb74ccded22030029334c0721e7666bf3a8267c9243d21a2736f0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145535
x-xss-protection: 0
server: cafe
etag: 8501235954718397203
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Aug 2024 02:08:53 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
32 KB 199ms
126ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/c948c303-5698-4522-ab5f-4b31b2e48774/plugin.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

11b3fa58537658d27af8a8103a9671682121732b9f8a8b34d5e5dfcfa64b0e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32783
x-xss-protection: 0
server: cafe
etag: 287 / 19948 / m202408080101 / config-hash: 18247284714178787425
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Aug 2024 02:08:53 GMT

GET
H2 200 prebid8.20.2.js Show response
get.optad360.io/assets/js/ 510 KB
164 KB 84ms
21ms Script
text/javascript 2600:9000:275b:3000:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/c948c303-5698-4522-ab5f-4b31b2e48774/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:3000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 510178b6d31d46a54c7bdacc0456720c5bbb9be1c47f603ecffc61899018b768

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 01:21:52 GMT
content-encoding: gzip
via: 1.1 4f2a14569b371893f3851a804b6ae8dc.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 07:08:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 2822
etag: W/"643c66a3d7b92031d1740b1b750e096d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=360000000
x-amz-cf-id: XIeDOheoc7kIOl6ftMQFRD8fdjQOsUCnNRxKWl3WCykxIj9PGFOiVg==

GET
H2 200 branding-ads.svg
cdn.optad360.net/icons/ 7 KB
3 KB 329ms
40ms Image
image/svg+xml 2600:9000:21f3:1a00:f:a31d:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.optad360.net/icons/branding-ads.svg
Requested by: Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1a00:f:a31d:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 05:14:26 GMT
content-encoding: gzip
via: 1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 18651269
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: 5E8ABmQyfmNOTnpAxxAmlBYseya8a8uRU1g8jqR7N5Mf8_kTBo4qPw==

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10459.GySzFO8Xoo9M3WVy4phjaCHChMI3TinxGPmExzpP78bUh9orPhEvS_SrVr3T8Pi0.mYwMMBwLXaPRulywbXwtCk9DWCA%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10459.HXQo2LSy9N_TkgXW4nu-OHRVdvRyGqu8XVMTsrMWxpcoHFfvM84dfePVthetI1hg_w0bCBSEdXy1m-6FPoRPg7WRrMMgDiYr14VbhyUXqdXV4VnU-I55peNWjegIoIArUQL7jBhcwv...

43 B
674 B

103ms
79ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10459.HXQo2LSy9N_TkgXW4nu-OHRVdvRyGqu8XVMTsrMWxpcoHFfvM84dfePVthetI1hg_w0bCBSEdXy1m-6FPoRPg7WRrMMgDiYr14VbhyUXqdXV4VnU-I55peNWjegIoIArUQL7jBhcwvmTppAVvaW68EMS8XL21FussNOR9ntd7FjOMMyZvECAu8rDqNhNB6zZDvht6HpmGZDHHUSmbd8oSfgUjeDG7kWmkn2cPreT-HY%2C.NmVmy0f5ruQJIu88bDdpLOHYqsc%2C

Requested by

Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:54 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10459.HXQo2LSy9N_TkgXW4nu-OHRVdvRyGqu8XVMTsrMWxpcoHFfvM84dfePVthetI1hg_w0bCBSEdXy1m-6FPoRPg7WRrMMgDiYr14VbhyUXqdXV4VnU-I55peNWjegIoIArUQL7jBhcwvmTppAVvaW68EMS8XL21FussNOR9ntd7FjOMMyZvECAu8rDqNhNB6zZDvht6HpmGZDHHUSmbd8oSfgUjeDG7kWmkn2cPreT-HY%2C.NmVmy0f5ruQJIu88bDdpLOHYqsc%2C
strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 02:08:54 GMT
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
620 B 133ms
83ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 02:08:54 GMT
last-modified: Tue, 06 Aug 2024 09:26:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66b1ec49-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 13 Aug 2024 03:08:54 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/ 474 KB
148 KB 62ms
55ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 18:09:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28784
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151130
x-xss-protection: 0
server: cafe
etag: 11205447520193479331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 12 Aug 2025 18:09:10 GMT

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame E2D3 0
0 308ms
67ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vi.haenselblatt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1046
content-type: text/html
date: Tue, 13 Aug 2024 02:08:54 GMT
etag: "66b1ec49-416"
expires: Tue, 13 Aug 2024 03:08:54 GMT
last-modified: Tue, 06 Aug 2024 09:26:33 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/49787647/
Redirect Chain

https://mc.yandex.com/watch/49787647?wmode=7&page-url=https%3A%2F%2Fvi.haenselblatt.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3...
https://mc.yandex.com/watch/49787647/1?wmode=7&page-url=https%3A%2F%2Fvi.haenselblatt.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8...

476 B
849 B

110ms
71ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/49787647/1?wmode=7&page-url=https%3A%2F%2Fvi.haenselblatt.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A656359305097%3Ahid%3A653284813%3Az%3A120%3Ai%3A20240813040854%3Aet%3A1723514934%3Ac%3A1%3Arn%3A187760620%3Arqn%3A1%3Au%3A1723514934302423301%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2213%3Awv%3A2%3Ads%3A301%2C367%2C44%2C3%2C1%2C0%2C%2C2879%2C1%2C%2C%2C%2C3596%3Aco%3A0%3Acpf%3A1%3Ans%3A1723514929710%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723514935%3At%3ATh%C3%B4ng%20tin%20h%E1%BB%AFu%20%C3%ADch%20v%C3%A0%20l%E1%BB%9Di%20khuy%C3%AAn%20l%C3%A0m%20v%C6%B0%E1%BB%9Dn.%20Blog%20l%C3%A0m%20v%C6%B0%E1%BB%9Dn%20chuy%C3%AAn%20nghi%E1%BB%87p%21%20%7C%20L%C3%A0m%20th%E1%BA%BF%20n%C3%A0o%20%C4%91%E1%BB%83%20tr%E1%BB%9F%20th%C3%A0nh%20m%E1%BB%99t%20ng%C6%B0%E1%BB%9Di%20l%C3%A0m%20v%C6%B0%E1%BB%9Dn%20chuy%C3%AAn%20nghi%E1%BB%87p.%20Th%C3%B4ng%20tin%20h%E1%BB%AFu%20%C3%ADch%20v%C3%A0%20l%E1%BB%9Di%20khuy%C3%AAn%20cho%20vi%E1%BB%87c%20ch%C4%83m%20s%C3%B3c%20c%C3%A2y.%20B%C3%A1ch%20khoa%20to%C3%A0n%20th%C6%B0%20v%E1%BB%81%20l%C3%A0m%20v%C6%B0%E1%BB%9Dn.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

Requested by

Host: vi.haenselblatt.com
URL: https://vi.haenselblatt.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

4a793831388cdd72aa2ed01eb76b58040e0814140a8de146ed7279349cf76c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 02:08:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 13-Aug-2024 02:08:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vi.haenselblatt.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 476
x-xss-protection: 1; mode=block
expires: Tue, 13-Aug-2024 02:08:54 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 02:08:54 GMT
last-modified: Tue, 13-Aug-2024 02:08:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: https://vi.haenselblatt.com
location: /watch/49787647/1?wmode=7&page-url=https%3A%2F%2Fvi.haenselblatt.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A656359305097%3Ahid%3A653284813%3Az%3A120%3Ai%3A20240813040854%3Aet%3A1723514934%3Ac%3A1%3Arn%3A187760620%3Arqn%3A1%3Au%3A1723514934302423301%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2213%3Awv%3A2%3Ads%3A301%2C367%2C44%2C3%2C1%2C0%2C%2C2879%2C1%2C%2C%2C%2C3596%3Aco%3A0%3Acpf%3A1%3Ans%3A1723514929710%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723514935%3At%3ATh%C3%B4ng%20tin%20h%E1%BB%AFu%20%C3%ADch%20v%C3%A0%20l%E1%BB%9Di%20khuy%C3%AAn%20l%C3%A0m%20v%C6%B0%E1%BB%9Dn.%20Blog%20l%C3%A0m%20v%C6%B0%E1%BB%9Dn%20chuy%C3%AAn%20nghi%E1%BB%87p%21%20%7C%20L%C3%A0m%20th%E1%BA%BF%20n%C3%A0o%20%C4%91%E1%BB%83%20tr%E1%BB%9F%20th%C3%A0nh%20m%E1%BB%99t%20ng%C6%B0%E1%BB%9Di%20l%C3%A0m%20v%C6%B0%E1%BB%9Dn%20chuy%C3%AAn%20nghi%E1%BB%87p.%20Th%C3%B4ng%20tin%20h%E1%BB%AFu%20%C3%ADch%20v%C3%A0%20l%E1%BB%9Di%20khuy%C3%AAn%20cho%20vi%E1%BB%87c%20ch%C4%83m%20s%C3%B3c%20c%C3%A2y.%20B%C3%A1ch%20khoa%20to%C3%A0n%20th%C6%B0%20v%E1%BB%81%20l%C3%A0m%20v%C6%B0%E1%BB%9Dn.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 13-Aug-2024 02:08:54 GMT

GET
H2 200 ca-pub-6284591903398394
fundingchoicesmessages.google.com/i/ 33 KB
0 302ms
53ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6284591903398394?href=https%3A%2F%2Fvi.haenselblatt.com&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6284591903398394&plah=vi.haenselblatt.com&bust=31086072

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-bQpRqZHX2mM4VGRB0OHJ_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:08:55 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-bQpRqZHX2mM4VGRB0OHJ_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII0JBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYF4ev0l1vlAvPfjJdajQOzIcZnVE4iFeDi2N7zeyiZwYcaymYxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJgYWhoZ6BubxBQYAm6U_rw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 0
0

GET localstore.js
script.4dex.io/ 0
0

POST
H/1.1 200
OK auction
rtb.adxpremium.services/openrtb2/ 0
0 314ms
129ms Fetch
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Aug 2024 02:08:55 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://vi.haenselblatt.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1961
Expires: 0

POST
H2 200 prebid
ib.adnxs.com/ut/v3/ 0
0 303ms
129ms Fetch
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 02:08:55 GMT
an-x-request-uuid: 0c8a7f59-cb77-4b18-b287-7aae03024e5f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vi.haenselblatt.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.199.150; 95.211.199.150; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 143
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST v1
prg.smartadserver.com/prebid/ 0
0

POST pbjs
useast.quantumdex.io/auction/ 0
0

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
334 B 290ms
117ms Fetch 2606:4700:10::6816:1ed1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 02:08:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://vi.haenselblatt.com
cache-control: private, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2528fa39931c9b-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: -1

POST
H2 200 prebid-request
onetag-sys.com/ 0
0 290ms
118ms Fetch
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vi.haenselblatt.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 prebidjs
rtb.openx.net/openrtbb/ 0
0 292ms
121ms Fetch
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 02:08:55 GMT
content-encoding: gzip
via: 1.1 google
observe-browsing-topics: ?1
vary: Origin
x-forwarded-for: 95.211.199.150
content-type: text/plain
access-control-allow-origin: https://vi.haenselblatt.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
176 B 294ms
123ms Fetch 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.91&pbver=8.20.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://vi.haenselblatt.com
date: Tue, 13 Aug 2024 02:08:55 GMT
access-control-allow-credentials: true
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
server: nginx
vary: Origin
accept-ch-lifetime: 604800

POST c
prebid.a-mo.net/a/ 0
0

GET /
d.vidoomy.com/api/rtbserver/prebid/ 0
0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
533 B 294ms
127ms Fetch 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 02:08:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vi.haenselblatt.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
182 B 286ms
123ms Fetch 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://vi.haenselblatt.com
date: Tue, 13 Aug 2024 02:08:55 GMT
access-control-max-age: 3600
access-control-allow-credentials: true
vary: Origin
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
226 B 293ms
130ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.20.0&cb=47886671970&lsavail=1

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 02:08:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
observe-browsing-topics: ?1
vary: Origin
access-control-allow-origin: https://vi.haenselblatt.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST c
prebid.a-mo.net/a/ 0
0

POST v1
prg.smartadserver.com/prebid/ 0
0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
534 B 287ms
126ms Fetch 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 02:08:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vi.haenselblatt.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET /
d.vidoomy.com/api/rtbserver/prebid/ 0
0

POST
H2 200 prebid
ib.adnxs.com/ut/v3/ 0
0 282ms
125ms Fetch
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 02:08:55 GMT
an-x-request-uuid: d1bf42f5-b791-4d92-ba54-45e042d8a78d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vi.haenselblatt.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.199.150; 95.211.199.150; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 145
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebidjs
rtb.openx.net/openrtbb/ 0
0 276ms
120ms Fetch
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 02:08:55 GMT
content-encoding: gzip
via: 1.1 google
observe-browsing-topics: ?1
vary: Origin
x-forwarded-for: 95.211.199.150
content-type: text/plain
access-control-allow-origin: https://vi.haenselblatt.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
17 B 279ms
124ms Fetch 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.91&pbver=8.20.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://vi.haenselblatt.com
date: Tue, 13 Aug 2024 02:08:55 GMT
access-control-allow-credentials: true
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
server: nginx
vary: Origin
accept-ch-lifetime: 604800

POST pbjs
useast.quantumdex.io/auction/ 0
0

POST
H/1.1 200
OK auction
rtb.adxpremium.services/openrtb2/ 0
0 282ms
135ms Fetch
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Aug 2024 02:08:55 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://vi.haenselblatt.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1962
Expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 279ms
124ms Fetch 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://vi.haenselblatt.com
date: Tue, 13 Aug 2024 02:08:55 GMT
access-control-max-age: 3600
access-control-allow-credentials: true
vary: Origin
access-control-allow-methods: POST

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
37 B 271ms
118ms Fetch 2606:4700:10::6816:1ed1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 02:08:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://vi.haenselblatt.com
cache-control: private, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2528fa39921c9b-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
225 B 273ms
120ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.20.0&cb=65350715321&lsavail=1

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 02:08:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
observe-browsing-topics: ?1
vary: Origin
access-control-allow-origin: https://vi.haenselblatt.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 200 prebid-request
onetag-sys.com/ 0
0 269ms
117ms Fetch
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://vi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vi.haenselblatt.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET g_pbto
1x1.a-mo.net/hbx/ 0
0

GET publishertag.prebid.139.js
static.criteo.net/js/ld/ 0
0

GET g_pbto
1x1.a-mo.net/hbx/ 0
0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 451ms
42ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvi.haenselblatt.com%2F&domain=vi.haenselblatt.com&cw=1&lsw=1&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://vi.haenselblatt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://vi.haenselblatt.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 13 Aug 2024 02:08:59 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 203087
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET json
gum.criteo.com/sid/ 0
0

GET rid
match.adsrvr.org/track/ 0
0

GET
H2 200 /
csync.smilewanted.com/ Frame C51E 0
0 127ms
36ms Document
text/html 2606:4700:10::6816:1fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vi.haenselblatt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8b25291269339756-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 13 Aug 2024 02:08:59 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 pbjs
sync.quantumdex.io/usersync/ Frame 52FE 0
0 303ms
234ms Document
text/html 172.67.42.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vi.haenselblatt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b2529125bc44daa-FRA
content-encoding: br
content-type: text/html
date: Tue, 13 Aug 2024 02:08:59 GMT
server: cloudflare

GET
H2 204 isyn
prebid.a-mo.net/ Frame F287 0
0 67ms
20ms Document
text/plain 145.40.97.77
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.77 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: omni-am6-8rdni7
Software: envoy /
Resource Hash

Request headers

Referer: https://vi.haenselblatt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
date: Tue, 13 Aug 2024 02:08:58 GMT
server: envoy
vary: accept-encoding, Accept-Encoding
x-envoy-upstream-service-time: 1

GET
H2 200 usersync
ssp.wp.pl/bidder/ Frame 7980 0
0 147ms
49ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=43190899129473050000&sn=mc_adapter
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash

Request headers

Referer: https://vi.haenselblatt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 281
content-type: text/html; charset=utf-8
date: Tue, 13 Aug 2024 02:08:59 GMT
last-modified: Sat, 06 Jul 2024 10:13:42 GMT
server: nginx
vary: Origin,Accept-Encoding

GET sync.php
pixel.rubiconproject.com/exchange/ 0
0

GET sync
x.bidswitch.net/ 0
0

GET prebid
rtb.openx.net/sync/ 0
0

GET cookie
cm.adform.net/ 0
0

GET pixelSync
pixel-sync.sitescout.com/dmp/ 0
0

POST 1
mc.yandex.com/watch/49787647/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240813

Domain: script.4dex.io
URL: https://script.4dex.io/localstore.js

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: useast.quantumdex.io
URL: https://useast.quantumdex.io/auction/pbjs

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: d.vidoomy.com
URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=35453&adtype=banner&auc=oa-360-1723514933752_78nxannh5&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36&l=nl&dt=1&pid=62135&requestId=20b02e8da2e2003&schain=1.0%2C1!optad360.com%2C9969112%2C1%2C%2C%2C&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223a35d63c-7f76-4528-9cf0-6d20dfa55255%22%2C%22atype%22%3A1%7D%5D%7D%5D&bidfloor=0&d=haenselblatt.com&sp=https%253A%252F%252Fvi.haenselblatt.com%252F&usp=&coppa=false&videoContext=&bcat=&badv=&bapp=&btype=&battr=&gdpr=false&gdprcs=undefined

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: d.vidoomy.com
URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=35453&adtype=banner&auc=oa-360-1723514933753_00o2idykh&w=1140&h=250&pos=1&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36&l=nl&dt=1&pid=62135&requestId=345bff9761f2fe6&schain=1.0%2C1!optad360.com%2C9969112%2C1%2C%2C%2C&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223a35d63c-7f76-4528-9cf0-6d20dfa55255%22%2C%22atype%22%3A1%7D%5D%7D%5D&bidfloor=0&d=haenselblatt.com&sp=https%253A%252F%252Fvi.haenselblatt.com%252F&usp=&coppa=false&videoContext=&bcat=&badv=&bapp=&btype=&battr=&gdpr=false&gdprcs=undefined

Domain: useast.quantumdex.io
URL: https://useast.quantumdex.io/auction/pbjs

Domain: 1x1.a-mo.net
URL: https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&ts=1723514936161&eid=53bbc0af350046d

Domain: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Domain: 1x1.a-mo.net
URL: https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&ts=1723514936179&eid=541772b32a833dd

Domain: gum.criteo.com
URL: https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvi.haenselblatt.com%2F&domain=vi.haenselblatt.com&cw=1&lsw=1&gdpr=0

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=undefined&us_privacy=

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent=undefined&us_privacy=

Domain: rtb.openx.net
URL: https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=undefined&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D

Domain: cm.adform.net
URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID

Domain: pixel-sync.sitescout.com
URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=undefined&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D

Domain: mc.yandex.com
URL: https://mc.yandex.com/watch/49787647/1?page-url=https%3A%2F%2Fvi.haenselblatt.com%2F&charset=utf-8&hittoken=1723514934_8376fdd06bed405cc41c2721a664ea587c9eb9a6f8149dcf5da4f2b35311a6b1&browser-info=nb%3A1%3Acl%3A656%3Aar%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1410%3Acn%3A1%3Adp%3A1%3Als%3A656359305097%3Ahid%3A653284813%3Az%3A120%3Ai%3A20240813040909%3Aet%3A1723514949%3Ac%3A1%3Arn%3A329676061%3Arqn%3A2%3Au%3A1723514934302423301%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1723514929710%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723514949&t=gdpr(14)clc(0-0-0)rqnt(2)lt(15800)aw(1)rcm(1)cdl(na)eco(21037568)dss(2)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22ct%22%3A%5B%5D%7D%7D

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-21 00:54:50	Name: sync Value: CgoIoQEQqNP7y5QyCgoI4gEQqNP7y5QyCgoI5gEQqNP7y5QyCgoIhwIQqNP7y5QyCgkIOhCo0_vLlDIKCQgbEKjT-8uUMgoKCIwCEKjT-8uUMgoKCKwCEKjT-8uUMgoKCK0CEKjT-8uUMgoJCF8QqNP7y5Qy
.yandex.ru/	1970-01-21 08:21:14	Name: i Value: +hmerLgmgynUAC6v3p7PQEePMMvTHErT+3RcHQYVB7mz5EzNs6Cu/kkm/NNAWX3ALNQ2jLZq2sdKzBREvnjhthAI3fM=
.yandex.ru/	1970-01-21 08:21:14	Name: yandexuid Value: 2922553421723514932
.yandex.ru/	1970-01-21 07:30:50	Name: yashr Value: 620365991723514932
.haenselblatt.com/	1970-01-21 07:30:50	Name: _ym_uid Value: 1723514934302423301
.haenselblatt.com/	1970-01-21 07:30:50	Name: _ym_d Value: 1723514934
.mc.yandex.com/	1970-01-20 22:45:15	Name: sync_cookie_csrf Value: 4201159145fake
.yandex.com/	1970-01-21 07:30:50	Name: yashr Value: 8199344541723514934
.haenselblatt.com/	1970-01-20 22:46:26	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 22:45:15	Name: sync_cookie_csrf Value: 1041371138fake
.yandex.com/	1970-01-21 07:30:50	Name: yandexuid Value: 2922553421723514932
.yandex.com/	1970-01-21 07:30:50	Name: yuidss Value: 2922553421723514932
.yandex.com/	1970-01-21 08:21:14	Name: i Value: +hmerLgmgynUAC6v3p7PQEePMMvTHErT+3RcHQYVB7mz5EzNs6Cu/kkm/NNAWX3ALNQ2jLZq2sdKzBREvnjhthAI3fM=
.yandex.com/	1970-01-21 08:21:14	Name: yp Value: 1723601334.yu.7181643691723514934
.mc.yandex.com/	1970-01-20 22:46:41	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1172256361723514934
.yandex.com/	1970-01-21 07:30:50	Name: ymex Value: 1726106934.oyu.7181643691723514934#1755050934.yrts.1723514934
.yandex.com/	1970-01-21 07:30:50	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 08:21:14	Name: bh Value: KgI/MGC2gOu1Bg==
.haenselblatt.com/	1970-01-21 07:30:50	Name: _sharedID Value: 3a35d63c-7f76-4528-9cf0-6d20dfa55255
.haenselblatt.com/	1970-01-21 07:30:50	Name: _sharedID_cst Value: kSylLAssaw%3D%3D
.adnxs.com/	1970-01-21 00:54:50	Name: icu Value: ChgI5K9eEAoYASABKAEwt4DrtQY4AUABSAEQt4DrtQYYAA..
.adnxs.com/	1970-01-21 08:21:14	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 00:54:50	Name: XANDR_PANID Value: iW-steemomXdybholdukrVZpHYc7fL0POEBtFVRAYTl3bDroTmzJQLgplrCiDwGV9PT4gfNNKb5rDjZzQUHnuSVIwx8IQvZ_iJ1BX5FJwFs.
.adnxs.com/	1970-01-21 00:54:50	Name: uuid2 Value: 339336218796929229
.quantumdex.io/	1970-01-20 22:59:38	Name: uid Value: 7df3c7da-7365-411f-85fd-d522664ddf0c
.3lift.com/	1970-01-21 00:54:50	Name: tluidp Value: 4033642470095543734648
.3lift.com/	1970-01-21 00:54:50	Name: tluid Value: 4033642470095543734648
.adform.net/	1970-01-21 00:11:38	Name: uid Value: 2431036873577744986
.doubleclick.net/	1970-01-21 08:06:50	Name: IDE Value: AHWqTUkvK5eyTEgDpP14VpvreiiM6Ndkf7EFntBMquw_T_58OpyXsA_Ni77dpWGIqVs
.bing.com/	1970-01-21 08:06:50	Name: MUID Value: 2ED565A19AA86E2A3617717B9B686F47
.c.bing.com/	1970-01-20 22:55:19	Name: MR Value: 0
.shb-sync.com/	1970-01-20 23:05:24	Name: smart_usr Value: a659fa0b-645b-4cc4-a5f1-6256b928c53a
.shb-sync.com/	1970-01-20 23:05:24	Name: smart_r Value: 33333
.smilewanted.com/	1970-01-21 07:31:11	Name: sw_user_params_infos Value: TLuLwFRFzi%2FzHwTWHtPqV39SqBPcAkZ53Hle9%2F6v0%2B0ocYhr5kL4kJIOC49Sz0h%2FpS4%2BRY%2F9Bxa7guEamFB%2BzCeaFAsjLxo83EgaLbKIs97wGAX8iGT4LgmjA4JDk3pf%2B%2FkwLrIzdZCduxX0AnmIDQkaWF0dWEKYNDJsknl85y%2FF%2FCFj60%2B8Xo82rvvzSXdXtd58W6TezqSouZcKkfKOPRuOpGRGB9%2FCCRhVpPBRS6oBUFdbrg5c93UPwdaGhbkwAMa5n7FOuurf0cOTFLqB8Q%3D%3D
sync.srv.stackadapt.com/	1970-01-21 07:30:50	Name: sa-user-id Value: s%3A0-f617f5dd-d714-53dd-521a-2dd7fc79d532.lLsK%2B38woM2ScMnafNqUzuNx8mdWuSf7BemDbG3eXpU
.srv.stackadapt.com/	1970-01-21 07:30:50	Name: sa-user-id Value: s%3A0-f617f5dd-d714-53dd-521a-2dd7fc79d532.lLsK%2B38woM2ScMnafNqUzuNx8mdWuSf7BemDbG3eXpU
sync.srv.stackadapt.com/	1970-01-21 07:30:50	Name: sa-user-id-v2 Value: s%3A9hf13dcUU91SGi3X_HnVMl_Tx5Y.4obhcSG3rGh3q%2BJ2sk%2BLQ03ICYCe%2BmTrglulDItOOP4
.srv.stackadapt.com/	1970-01-21 07:30:50	Name: sa-user-id-v2 Value: s%3A9hf13dcUU91SGi3X_HnVMl_Tx5Y.4obhcSG3rGh3q%2BJ2sk%2BLQ03ICYCe%2BmTrglulDItOOP4
sync.srv.stackadapt.com/	1970-01-21 07:30:50	Name: sa-user-id-v3 Value: s%3AAQAKIIHtmN4aXGrTtDAse1aCvzuGlguHtB0XG_U3_OaVOvqDEGcYBCC8gOu1BjABOgTwU00QQgTdKCo5.R%2Fan1MK09RlTajm3kyRR5pxk2HYi9iWgC0mSg%2BUk7JU
.srv.stackadapt.com/	1970-01-21 07:30:50	Name: sa-user-id-v3 Value: s%3AAQAKIIHtmN4aXGrTtDAse1aCvzuGlguHtB0XG_U3_OaVOvqDEGcYBCC8gOu1BjABOgTwU00QQgTdKCo5.R%2Fan1MK09RlTajm3kyRR5pxk2HYi9iWgC0mSg%2BUk7JU
.linkedin.com/	1970-01-21 07:30:50	Name: bcookie Value: "v=2&4268f4ef-6371-4bb5-8a29-1143afb5506a"
.linkedin.com/	1970-01-21 03:04:26	Name: li_gc Value: MTswOzE3MjM1MTQ5Mzk7MjswMjESvP/NmcKZ81pC7JrTQKhlsRGo/3XAvu8VL6iAVT/HlA==
.linkedin.com/	1970-01-20 22:46:41	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=3316:u=1:x=1:i=1723514940:t=1723601340:v=2:sig=AQHBgAkvtQbV84DqEFOAnb0I3DKm70yx"

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://vi.haenselblatt.com/ Message: Access to fetch at 'https://useast.quantumdex.io/auction/pbjs' from origin 'https://vi.haenselblatt.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://useast.quantumdex.io/auction/pbjs Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://vi.haenselblatt.com/ Message: Access to fetch at 'https://useast.quantumdex.io/auction/pbjs' from origin 'https://vi.haenselblatt.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://useast.quantumdex.io/auction/pbjs Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
adx.adform.net
ar.haenselblatt.com
bidder.criteo.com
cdn.jsdelivr.net
cdn.optad360.net
cdnjs.cloudflare.com
cm.adform.net
cmp.optad360.io
code.jquery.com
csync.smilewanted.com
d.vidoomy.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
get.optad360.io
gum.criteo.com
ib.adnxs.com
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
prg.smartadserver.com
rtb.adxpremium.services
rtb.openx.net
script.4dex.io
securepubads.g.doubleclick.net
ssp.wp.pl
static.criteo.net
sync.quantumdex.io
unpkg.com
useast.quantumdex.io
vi.haenselblatt.com
www.anltc.cc
x.bidswitch.net
1x1.a-mo.net
cdn.jsdelivr.net
cm.adform.net
d.vidoomy.com
gum.criteo.com
match.adsrvr.org
mc.yandex.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
prebid.a-mo.net
prg.smartadserver.com
rtb.openx.net
script.4dex.io
static.criteo.net
useast.quantumdex.io
x.bidswitch.net
104.17.25.14
142.250.186.66
145.40.97.77
172.217.16.194
172.67.42.201
178.250.1.11
178.250.1.8
185.106.140.18
185.184.8.90
188.114.96.3
188.114.97.3
212.77.99.29
2600:9000:2156:e000:6:b871:4f00:93a1
2600:9000:21f3:1a00:f:a31d:75c0:93a1
2600:9000:275b:3000:11:a4de:2580:93a1
2606:4700:10::6816:1ed1
2606:4700:10::6816:1fd1
2606:4700::6811:f7cb
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200a
2a02:6b8::1:119
2a04:4e42::649
35.186.253.211
37.157.6.237
37.252.171.21
51.89.9.254
1076d5bb7f1896b00ca2e5fe084f70af57c528d2b01ef24d986e4a5941bc270a
11b3fa58537658d27af8a8103a9671682121732b9f8a8b34d5e5dfcfa64b0e8e
17c42a335857c3ff4863798c56416224f24f4ca283ee42b08ed33c77b80b53be
1ea8bf9e81ffe4f66ad9007a3e3725a0fe92a2b07c86976dd378b72e895a2d51
26a448d7f02e7b021d15ba5d546ce57d822e6c7728420eb089a23adf10ea26ef
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
32277052c9de04efef2337672e6b616c3ad0d477886c4f756744538570d2787a
367191b7b8ee0aa9769e2a03371f6827f715c07b217ab202112e6ff59b852359
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075
4a793831388cdd72aa2ed01eb76b58040e0814140a8de146ed7279349cf76c38
510178b6d31d46a54c7bdacc0456720c5bbb9be1c47f603ecffc61899018b768
524102a75e7ebfc4d8d22ea6c8442f1d394a19fdbe2a4b6fd5e044ddb7b92040
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
61f0289508a17350d0862e5e31e983e667fea5a543cc2b4fff411af39b5bd2b8
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
749d584d553121457f53926f2d79727f2b5877d012bdf2c72f2ec6b8d2d6fad6
75d748f8a4fb74ccded22030029334c0721e7666bf3a8267c9243d21a2736f0b
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
7c6e9c08f3bf317085ed03287d8dd8c46059731d47ab7cba9e05134296fc5cfa
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bf2c5ed4a21da6cee1b1ad174828b34e924b34020d6d7b02df6020f703725c17
c3e3cb338c318cac580ff7a60eac8b956ee1712ebc312b78b833b8f59772e87c
c657f600ec9a19ba9d77dd63953305ee476031e318eef70256fc5bcc2076fb74
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cbe873ab99c1f241015fb10782da87e1c26ff337721a3f796874168430ee8f18
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d5f8b116a35a9188b61cdbcfbe88a1deff870893153fc3a51e4bf4d30a142910
d908ad4f70f9691114178bc7c114c938c3585d4b6e1c7942e493155777d41a53
dca271e5c10ab729dbf7e10ccb7c82ba4b87625a821dd4bd640279b6807f2033
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec5c31174ce479e50cb8d2dd6ad045ea74a952935dd30a8021e5daf27c1b172f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09558ac9e3c60e1f166a9226e68804022e72b8683d50ce677c7046d7ddd2e74
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
ff5d6452110ae3d975d37313921da31a75bef87a81348e574f3ff9adfc73d412

vi.haenselblatt.com Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

83 Requests

72 %HTTPS

41 %IPv6

34 Domains

41 Subdomains

28 IPs

9 Countries

1116 kBTransfer

4371 kBSize

44 Cookies

34 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vi.haenselblatt.com Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

72 %
HTTPS

41 %
IPv6

34
Domains

41
Subdomains

28
IPs

9
Countries

1116 kB
Transfer

4371 kB
Size

44
Cookies

83 HTTP transactions
1 data transactions